From the release notes
(https://github.com/memcached/memcached/wiki/ReleaseNotes1436):
Important bug fix that could lead to a hung slab mover. Also improves
memory efficiency of chunked items.
[Peter: add release notes link / mention important bug fix]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes (https://www.openssh.com/txt/release-7.5):
Security
--------
* ssh(1), sshd(8): Fix weakness in CBC padding oracle countermeasures
that allowed a variant of the attack fixed in OpenSSH 7.3 to proceed.
Note that the OpenSSH client disables CBC ciphers by default, sshd
offers them as lowest-preference options and will remove them by
default entriely in the next release. Reported by Jean Paul
Degabriele, Kenny Paterson, Martin Albrecht and Torben Hansen of
Royal Holloway, University of London.
* sftp-client(1): [portable OpenSSH only] On Cygwin, a client making
a recursive file transfer could be maniuplated by a hostile server to
perform a path-traversal attack. creating or modifying files outside
of the intended target directory. Reported by Jann Horn of Google
Project Zero.
[Peter: mention security fixes]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- switch to version 9.21 now that it has been released
- add a hash file
- switch to Git formatted patches
- use $(HOSTCC) instead of hardcoding "gcc", and use $(HOST_CFLAGS) and
$(HOST_LDFLAGS) instead of hardcoding -L$(HOST_DIR)/usr/lib
-I$(HOST_DIR)/usr/include
- add entry to DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
.pyc files contain the modification time of the corresponding .py
source. In order to make the build reproducible, we fix the modification
time of all .py before compiling .pyc files.
In addition, since pycompile relies on the modification time to know if
a file needs to be recompiled, it is safer to force recompilation of all
source files.
This work was sponsored by `BA Robotic Systems'.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
[Thomas: do not register PYTHON_FIX_TIME as a
PYTHON_TARGET_FINALIZE_HOOKS, instead call it inside
PYTHON_CREATE_PYC_FILES before doing the byte compilation.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
.pyc files contain the modification time of the corresponding .py
source. In order to make the build reproducible, we fix the modification
time of all .py before compiling .pyc files.
In addition, since pycompile relies on the modification time to know if
a file needs to be recompiled, it is safer to force recompilation of all
source files.
This work was sponsored by `BA Robotic Systems'.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
[Thomas: do not register PYTHON_FIX_TIME as a
PYTHON_TARGET_FINALIZE_HOOKS, instead call it inside
PYTHON_CREATE_PYC_FILES before doing the byte compilation.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-elecrons.com>
By default, compile_dir() relies on the modification time to know if a
python file has to be built again. However in some circumstances (when
doing reproducible builds), modification times are not reliable. Thus,
this patch adds a way to force the rebuild of all python sources.
Signed-off-by: Jérôme Pouiller <jezz@sysmic.org>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
gx6605s is a nice SOC for dvbs2 DVB product, and C-SKY inside.
Signed-off-by: Guo Ren <ren_guo@c-sky.com>
[Thomas: drop post-image script copying the gdbinit file, and suggest
to use gdb -x option instead to point to the gdbinit file in board/.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
----
Changes v1 -> v2:
- use select instead of depends for BR2_PACKAGE_WAYLAND_PROTOCOLS
(suggested by Thomas Petazzoni)
- add select BR2_PACKAGE_WAYLAND_PROTOCOLS to missing second
place (BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_WAYLAND)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Disable wayland support (only needed for the interactive-wayland
test program). This fixes a compile failure in case wayland
support is autodetected:
GEN xdg-shell-unstable-v5-protocol.c
/bin/sh: /usr/bin/wayland-scanner: No such file or directory
Makefile:2426: recipe for target 'xdg-shell-unstable-v5-protocol.c' failed
make[3]: *** [xdg-shell-unstable-v5-protocol.c] Error 127
make[3]: *** Waiting for unfinished jobs....
GEN xdg-shell-unstable-v5-client-protocol.h
/bin/sh: /usr/bin/wayland-scanner: No such file or directory
Makefile:2428: recipe for target 'xdg-shell-unstable-v5-client-protocol.h' failed
make[3]: *** [xdg-shell-unstable-v5-client-protocol.h] Error 127
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As shown recently by the firejail example, it is easy to miss that a
package builds and installs binaries without actually cross-compiling
them: they are built for the host architecture instead of the target
architecture.
This commit adds a small helper script, check-bin-arch, called as a
GLOBAL_INSTRUMENTATION_HOOKS at the end of the target installation of
each package, to verify that the files installed by this package have
been built for the correct architecture.
Being called as a GLOBAL_INSTRUMENTATION_HOOKS allows the build to error
out right after the installation of the faulty package, and therefore
get autobuilder error detection properly assigned to this specific
package.
Example output with the firejail package enabled, when building for an
ARM target:
ERROR: architecture for ./usr/lib/firejail/libconnect.so is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/bin/firejail is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/lib/firejail/libtrace.so is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/lib/firejail/libtracelog.so is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/lib/firejail/ftee is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/lib/firejail/faudit is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/bin/firemon is Advanced Micro Devices X86-64, should be ARM
ERROR: architecture for ./usr/bin/firecfg is Advanced Micro Devices X86-64, should be ARM
Many thanks to Yann E. Morin and Arnout Vandecappelle for their reviews
and suggestions.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This config option corresponds to the string returned by readelf for
the "Machine" field of the ELF header. It will be used to check if the
architecture of binaries built by Buildroot match the target
architecture.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This fixes the following nommu kernel build issue:
arch/xtensa/kernel/setup.c: In function 'cpu_reset':
arch/xtensa/kernel/setup.c:553:2: error: implicit declaration of function
'local_flush_tlb_all' [-Werror=implicit-function-declaration]
local_flush_tlb_all();
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When Gstreamer debugging is disabled (BR2_PACKAGE_GSTREAMER1_GST_DEBUG)
we get following build errors:
gstvaapisink.c: In function 'gst_vaapisink_init':
gstvaapisink.c:1902:39: error: 'gst_debug_vaapisink' undeclared (first use in this function)
gstvaapisink.c:1902:39: note: each undeclared identifier is reported only once for each function it appears in
gstvaapidecode.c: In function 'gst_vaapidecode_init':
gstvaapidecode.c:1365:63: error: 'gst_debug_vaapidecode' undeclared (first use in this function)
gstvaapidecode.c:1365:63: note: each undeclared identifier is reported only once for each function it appears in
gstvaapipostproc.c: In function 'gst_vaapipostproc_init':
gstvaapipostproc.c:1811:7: error: 'gst_debug_vaapipostproc' undeclared (first use in this function)
gstvaapipostproc.c:1811:7: note: each undeclared identifier is reported only once for each function it appears in
Add upstream patch to fix these build issues.
Fixes:
http://autobuild.buildroot.net/results/653/653d9b056b04e589b8f5c57111635b0b3d7c8949
Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The configure script now supports --{enable,disable}-libnl, use them.
Cc: Ilias Apalodimas <apalos@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
List libnl as a dependency when it is enabled. Make sure that
libnfnetlink is actually enabled when listing it as a dependency.
Cc: Ilias Apalodimas <apalos@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This version bump removes (L)GPLv3 license text which were leftover
from previous implementation.
Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
All source files, except src/filemq_client.c and src/filemq_server.c,
has MPL Version 2.0 license text in file header.
As confirmed with upstream [1] (L)GPLv3 license texts COPYING and
COPYING.LESSER are leftover from previous implementation.
[1] - https://github.com/zeromq/filemq/issues/74
Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
For sparc-buildroot-linux-uclibc/sysroot/usr/include/asm/termbits.h
containing:
/* These have totally bogus values and nobody uses them
so far. Later on we'd have to use say 0x10000x and
adjust CBAUD constant and drivers accordingly.
#define B2500000 0x00001010
#define B3000000 0x00001011
#define B3500000 0x00001012
#define B4000000 0x00001013 */
Fixes [1]:
wiringSerial.c: In function 'serialOpen':
wiringSerial.c:78:28: error: 'B2500000' undeclared (first use in this function)
case 2500000: myBaud = B2500000 ; break ;
^
wiringSerial.c:78:28: note: each undeclared identifier is reported only once for each function it appears in
wiringSerial.c:79:28: error: 'B3000000' undeclared (first use in this function)
case 3000000: myBaud = B3000000 ; break ;
^
wiringSerial.c:80:28: error: 'B3500000' undeclared (first use in this function)
case 3500000: myBaud = B3500000 ; break ;
^
wiringSerial.c:81:28: error: 'B4000000' undeclared (first use in this function)
case 4000000: myBaud = B4000000 ; break ;
^
[1] http://autobuild.buildroot.net/results/5be/5bea1e95d1c7b444a5f0a5770251f1af3efc9c18
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libv4l adds the -lrt flag since upstream commit 3dcb945bfcab
("v4l2-compliance: Explicitely link against rt library").
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Automake currently has a unescaped left brace in it's automake.in folder
that generates the warning:
"Unescaped left brace in regex is deprecated, passed through in regex;"
This patch, which is backported from upstream fixes this warning.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
[Thomas: format patch using "git format-patch".]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also add host-pkgconf to detect sqlite support, otherwise
checking pkg-config is at least version 0.9.0...
./configure: line 7981: /home/buildroot/br2/output/host/usr/bin/pkg-config: No such file or directory
no
[...]
checking for SQLITE3... no
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is useful when bind-mounting the docker client binary into
containers for a docker-in-docker setup.
The Docker CLI communicates with the daemon over a socket. It is
sometimes useful to bind-mount the Docker CLI and socket into containers at
run-time, so that scripts within the containers can call the Docker API
in the host using a client compatible with the host daemon.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>